mitre-attack/attack-website

module templates incorrectly assume external_reference will follow S-Code and G-Code conventions and case

watgh opened this issue · 1 comments

watgh commented

BLUF:

Please drop the use of "|upper" in the creation of the href in a table's card element.

When customizing STIX objects for use by the attack-website generation on our internal site, we discovered that the Pelican templates for groups (specifically, but elsewhere as well) are inconsistent when creating the cards for groups and other tables.

For the display name, upper case by default may be appropriate for table uniformity of appearance. Unfortunately, forcing the href to use a specific case or perhaps use a different URL can result in an invalid URL.

For example, from the enterprise ATT&CK:
...

"external_references": [
    {
        "source_name": "mitre-attack",
        "external_id": "G0001",
        "url": "https://attack.mitre.org/groups/G0001"
    },
....
    "name": "Axiom",
....

The site generation code will create a directory /groups/G0001.
And the ID field for the card in the group table will look like:

<td>
    <a href="/groups/G0001"> G0001 </a>
</td>

That comes from the group-index.html template in modules/groups/templates, specifically starting at line 47:

                            <tbody>
                                {% for row in parsed.groups_table %}
                                    <tr>
                                        <td>
                                            <a href="/groups/{{row.id|upper}}"> {{row.id|upper}} </a>
                                        </td>
                                        <td>
                                            <a href="/groups/{{row.id|upper}}"> {{row.name}} </a>
                                        </td>

Note the "|upper" directive.

The problem comes when the ID may not natively be upper case.

For example, an intrusion set named "SomeFineGroupName" has an external reference that appears as:

{
    "source_name": "mitre-attack",
    "url": "https://my-attack-website.myorg.com/groups/MyCustomNotUpperCaseCode",
    "external_id": "MyCustomNotUpperCaseCode"
}

The resulting directory entry will be generated as /group/MyCustomNotUpperCaseCode, matching the ID in the STIX object.
The resulting card for the groups table, however, will result in an href such as:

<td>
    <a href="/groups/MYCUSTOMNOTUPPERCASECODE"> MYCUSTOMNOTUPPERCASECODE </a>
</td>

The solution is to drop the "|upper" directive in the href, while keeping the label as is if desired.

watgh commented

Just to clarify, I'm asking you to change the template to remove the upper directive from the href generation for datasource, software and groups:

                                        <td>
                                            <a href="/groups/{{row.id}}"> {{row.id|upper}} </a>
                                        </td>
                                        <td>
                                            <a href="/groups/{{row.id}}"> {{row.name}} </a>
                                        </td>
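
A check for the pattern reported in this issue, as an added example that is not part of the original issue or of the attack-website code base: it scans template text for `href` attributes whose Jinja2 expression passes through a case-changing filter, and lists which external IDs would no longer match their generated directory. The function names and the two sample templates (copied from the snippets quoted above) are assumptions made for the illustration.

```python
import re

# A double-quoted href attribute; group 1 is the attribute value.
HREF_RE = re.compile(r'href\s*=\s*"([^"]*)"')
# A Jinja2 expression piped through a built-in case-changing filter.
CASE_FILTER_RE = re.compile(
    r'\{\{[^}]*\|\s*(?:upper|lower|capitalize|title)\b[^}]*\}\}')

# Constructed samples: the template as quoted in the issue, and the proposed fix.
BEFORE = '''<tr>
    <td>
        <a href="/groups/{{row.id|upper}}"> {{row.id|upper}} </a>
    </td>
    <td>
        <a href="/groups/{{row.id|upper}}"> {{row.name}} </a>
    </td>
'''
AFTER = '''<tr>
    <td>
        <a href="/groups/{{row.id}}"> {{row.id|upper}} </a>
    </td>
    <td>
        <a href="/groups/{{row.id}}"> {{row.name}} </a>
    </td>
'''


def find_case_filtered_hrefs(template_text):
    """Return (line_number, href_value) for every href whose value contains
    a case-changing filter. Display labels outside the href are ignored."""
    findings = []
    for lineno, line in enumerate(template_text.splitlines(), start=1):
        for match in HREF_RE.finditer(line):
            if CASE_FILTER_RE.search(match.group(1)):
                findings.append((lineno, match.group(1)))
    return findings


def ids_that_break(external_ids):
    """Return IDs whose upper-cased link differs from the directory name,
    which keeps the case found in the STIX object."""
    return [i for i in external_ids if i.upper() != i]


if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        print(name, find_case_filtered_hrefs(text))
    print(ids_that_break(["G0001", "MyCustomNotUpperCaseCode"]))
```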